* [PATCH BlueZ 0/1] Fix crash in bluetoothctl exit
@ 2024-03-05 14:15 Andrei Istodorescu
2024-03-05 14:15 ` [PATCH BlueZ 1/1] shared/shell: Fix heap use after free on exit Andrei Istodorescu
2024-03-05 22:50 ` [PATCH BlueZ 0/1] " patchwork-bot+bluetooth
0 siblings, 2 replies; 4+ messages in thread
From: Andrei Istodorescu @ 2024-03-05 14:15 UTC
To: linux-bluetooth
Cc: luiz.dentz, mihai-octavian.urzica, silviu.barbulescu,
vlad.pruteanu, iulia.tanasescu, Andrei Istodorescu
This patch sets the data.inputs and data.queue to NULL after being freed.
This is needed so that further use of these queues won't access already
freed memory.
Andrei Istodorescu (1):
shared/shell: Fix heap use after free on exit
src/shared/shell.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
--
2.40.1
* [PATCH BlueZ 1/1] shared/shell: Fix heap use after free on exit
From: Andrei Istodorescu @ 2024-03-05 14:15 UTC
To: linux-bluetooth
Cc: luiz.dentz, mihai-octavian.urzica, silviu.barbulescu,
vlad.pruteanu, iulia.tanasescu, Andrei Istodorescu
Set the value for data.inputs and data.queue queues to NULL after
freeing, so that further processes won't use already freed memory
---
src/shared/shell.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/shared/shell.c b/src/shared/shell.c
index 68499b464b69..7bcfcff3ee76 100644
--- a/src/shared/shell.c
+++ b/src/shared/shell.c
@@ -4,7 +4,7 @@
* BlueZ - Bluetooth protocol stack for Linux
*
* Copyright (C) 2017 Intel Corporation. All rights reserved.
- *
+ * Copyright 2024 NXP
*
*/
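Review bot: The `Copyright 2024 NXP` line added to the file header is unrelated to the use-after-free fix and is not mentioned in the commit message; it also takes the place of one of the two blank ` *` comment lines instead of being added next to them. Consider sending the copyright update as its own patch, or at least noting it in the commit message, so the fix itself stays minimal and easy to backport and audit.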
@@ -1362,7 +1362,9 @@ void bt_shell_cleanup(void)
rl_cleanup();
queue_destroy(data.inputs, NULL);
+ data.inputs = NULL;
queue_destroy(data.queue, free);
+ data.queue = NULL;
queue_destroy(data.prompts, prompt_free);
data.prompts = NULL;
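Review bot: In bt_shell_cleanup(), the commit message does not say which code path touches data.inputs or data.queue after cleanup, so from this hunk alone it is not possible to tell whether clearing the pointers is sufficient: it only helps if every later user checks for NULL or hands the pointer to a helper that tolerates NULL. Please name the caller that runs after cleanup, or include the crash or memory-checker trace, in the commit message. The two added assignments do match the existing `data.prompts = NULL;` pattern directly below, so the style is consistent.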
--
2.40.1
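The pattern the cover letter and the commit message describe, as an added C example that is not BlueZ code and not part of the patch: `toy_queue`, `state` and all function names are made-up stand-ins. It shows that clearing the pointer pays off only because the destroy and push paths tolerate NULL, which makes a second cleanup and a late push harmless.

```c
#include <stdbool.h>
#include <stdlib.h>

/* Hypothetical stand-in queue and state; not the BlueZ implementation. */
struct toy_queue { int *items[8]; size_t len; };
static struct { struct toy_queue *inputs, *queue; } state;

/* Refuses a NULL (already cleaned up) or full queue instead of dereferencing. */
static bool toy_queue_push(struct toy_queue *q, int v)
{
	int *p = (q && q->len < 8) ? malloc(sizeof(*p)) : NULL;
	if (!p)
		return false;
	*p = v;
	q->items[q->len++] = p;
	return true;
}

/* NULL-tolerant destroy: a call on a cleared pointer is a no-op. */
static void toy_queue_destroy(struct toy_queue *q)
{
	while (q && q->len)
		free(q->items[--q->len]);
	free(q);
}

/* Clearing each pointer right after destroy makes cleanup idempotent. */
static void state_cleanup(void)
{
	toy_queue_destroy(state.inputs);
	state.inputs = NULL;
	toy_queue_destroy(state.queue);
	state.queue = NULL;
}

/* Late push after cleanup, then a second cleanup; 0 means both were safe. */
static int late_use_after_cleanup(void)
{
	state.inputs = calloc(1, sizeof(struct toy_queue));
	state.queue = calloc(1, sizeof(struct toy_queue));
	if (!toy_queue_push(state.queue, 1))
		return -1;
	state_cleanup();
	if (toy_queue_push(state.queue, 2))	/* stale pointer would be a UAF here */
		return -2;
	state_cleanup();			/* second call must not double free */
	return (!state.inputs && !state.queue) ? 0 : -3;
}

int main(void) { return late_use_after_cleanup(); }
```

Building this with `-fsanitize=address` and deleting the two `= NULL` assignments makes the late push and the second cleanup report a heap use after free.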
* RE: Fix crash in bluetoothctl exit
From: bluez.test.bot @ 2024-03-05 15:31 UTC
To: linux-bluetooth, andrei.istodorescu
This is an automated email; please do not reply to this email!
Dear submitter,
Thank you for submitting the patches to the linux bluetooth mailing list.
These are the CI test results for your patch series:
PW Link: https://patchwork.kernel.org/project/bluetooth/list/?series=832554
---Test result---
Test Summary:
CheckPatch          PASS       0.43 seconds
GitLint             PASS       0.31 seconds
BuildEll            PASS       24.58 seconds
BluezMake           PASS       726.55 seconds
MakeCheck           PASS       11.58 seconds
MakeDistcheck       PASS       165.41 seconds
CheckValgrind       PASS       228.10 seconds
CheckSmatch         WARNING    333.06 seconds
bluezmakeextell     PASS       107.49 seconds
IncrementalBuild    PASS       671.47 seconds
ScanBuild           PASS       944.14 seconds
Details
##############################
Test: CheckSmatch - WARNING
Desc: Run smatch tool with source
Output:
src/shared/shell.c: note: in included file (through /usr/include/readline/readline.h):
src/shared/shell.c: note: in included file (through /usr/include/readline/readline.h):
src/shared/shell.c: note: in included file (through /usr/include/readline/readline.h):
---
Regards,
Linux Bluetooth
* Re: [PATCH BlueZ 0/1] Fix crash in bluetoothctl exit
From: patchwork-bot+bluetooth @ 2024-03-05 22:50 UTC
To: Andrei Istodorescu
Cc: linux-bluetooth, luiz.dentz, mihai-octavian.urzica,
silviu.barbulescu, vlad.pruteanu, iulia.tanasescu
Hello:
This patch was applied to bluetooth/bluez.git (master)
by Luiz Augusto von Dentz <luiz.von.dentz@intel.com>:
On Tue, 5 Mar 2024 16:15:20 +0200 you wrote:
> This patch sets the data.inputs and data.queue to NULL after being freed.
> This is needed so that further use of these queues won't access already
> freed memory.
>
> Andrei Istodorescu (1):
> shared/shell: Fix heap use after free on exit
>
> [...]
Here is the summary with links:
- [BlueZ,1/1] shared/shell: Fix heap use after free on exit
https://git.kernel.org/pub/scm/bluetooth/bluez.git/?id=0bf9e6453ed5
You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html